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DETAILED ACTION 

1. Applicant's amendment filed on Jan 31, 20048 has been entered. Claims 2-26, 34 are pending. 
Claim 1 is canceled by the applicant and claims 2-10, 18 are amended and Claim 34 is newly added by the 
applicant. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness rejections 
set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this 
title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a 
whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 10-13, 16-22 and 26 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Krishnan et al (US Patent No. 6,405,316) and in view of Golan (US Patent No. 5,974,549) and in view of 
Granger et al (US Patent No. 6,643,775). 

As per claim 10 , Krishnan teaches: 

providing a compiled executable file for persisting an object model having [Fig. 1]: an image source from 
which the persisted object model is instantiated in a memory of a computer [Fig. 1, col. 6 lines 25-35, col. 7 
lines 1-10]; a security source from which a security agent is instantiated in the memory of the computer 
[Fig. 8A, 8B col. 9 lines 55-56]; and loader for being instantiated in the memory of the computer [Fig. 1, 8A, 
8B, col. 3 lines 1-4]; instantiating the security agent in the memory from the security source, and returning 
to the commander a first reference to the instantiated security agent, whereby the commander in 
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employing the first reference accesses the security agent rather than the instantiated object model [Fig. 6, 
8A, col. 8 lines 49-65]. 
Golan teaches: 

a security agent is instantiated in the memory of the computer; the security agent for controlling access to 
the object model as instantiated in the memory of the computer, upon a command from a commander to 
execute the executable file to instantiate the persisted object model, the loader for instantiating the object 
model in the memory from the image source, instantiating the security agent in the memory from the 
security source, and returning to the commander a first reference to the instantiated security agent, 
whereby the commander in employing the first reference accesses the security agent rather than the 
instantiated object model [Fig. 9, 14, col. 8 lines 29-67, col. 9 lines 1-10, Fig. 5, col. 11 lines 45-67, col. 12 
lines 1-13, col. 13 lines 5-67, col. 14 lines 1-40]. 

Golan teaches that the security agent/monitor prevents the security breach by monitoring the 
call/command as above. 

Therefore, it would have been obvious to a person of ordinary skill in the art at the time the invention was 
made to combine Golan with Krishnan, since one would have been motivated to prevent the security 
breaches by monitoring the execution of the software component to [Golan, col. 1 lines 13-28]. 
Granger teaches: the security agent does not allow the object model to be exposed in a non-obfuscated 
form [col. 15 lines 53-59, col. 19 lines 35-58]. 

Therefore, it would have been obvious to a person of ordinary skill in the art at the time the invention was 
made to combine Granger with Krishnan and Golan to add obfuscation layer into the software 
application/program, since one would have been motivated to prevent unauthorized distribution and use of 
the computer program [Granger, col. 1 lines 20-21]. 
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As per claim 1 1 , the rejection of claim 10 is incorporated and Golan discloses: 

the loader upon instantiating the security agent provides same with a second reference to the instantiated 
object model, whereby the commander does not have the second reference and therefore cannot directly 
access the object model or command same to act [Fig. 4, col. 7 lines 50-57, Fig. 10]. 
As per claim 12 , the rejection of claim 10 is incorporated and Golan discloses: 

the instantiated security agent passes on each command (i.e. API call) from the commander to the object 
model unless such security agent deems such command to be of a type that should not be so passed on 
[col. 2 lines 43-47, 67, col. 3 lines 1-3]. 

As per claim 13 , the rejection of claim 12 is incorporated and Golan discloses blocking the API calls (i.e. 
commands) that are forbidden according to the security policy [col. 2 line 67, col. 3 lines 1-3]. 
Granger teaches: the security agent does not expose the object model in a non-obfuscated form [col. 15 
lines 53-59, col. 19 lines 35-58]. 

As per claims 1 6 and 1 7 , the rejection of claim 10 is incorporated and Krishnan discloses: 
the loader instantiates the security agent as part of the object model [Fig. 8A, 8B]. 

As per claim 18 , it encompasses limitations that are similar to limitations of claim 10. Thus, it is rejected 

with the same rationale applied against claim 10 above. 

As per claim 19 , the rejection of claim 18 is incorporated and Golan discloses: 

the executable file is compiled by a compiler from a C-type programming language object model document 
[col. 9 lines 56-67, col. 10 lines 1-18, Fig. 4]. 

As per claim 20 , the rejection of claim 18 is incorporated and it encompasses limitations that are similar to 
limitations of claim 1 1 . Thus, it is rejected with the same rationale applied against claim 1 1 above. 
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As per claim 21 , the rejection of claim 18 is incorporated and it encompasses limitations that are similar to 

limitations of claim 12. Thus, it is rejected with the same rationale applied against claim 12 above. 

As per claim 22 , the rejection of claim 21 is incorporated and it encompasses limitations that are similar to 

limitations of claim 13. Thus, it is rejected with the same rationale applied against claim 13 above. 

As per claim 26 , the rejection of claim 18 is incorporated and it encompasses limitations that are similar to 

limitations of claim 16. Thus, it is rejected with the same rationale applied against claim 16 above. 

3. Claims 14, 15, 23 and 24 are rejected under 35 U.S.C. 103(a) as being unpatentable over Krishnan 
et al (US Patent No. 6,405,316) and in view of Golan (US Patent No. 5,974,549) and in view of Granger et 
al (US Patent No. 6,643,775) and Masaki et al (US Patent No. 6,980,308). 
As per claim 14 , the rejection of claim 4 is incorporated and Golan discloses: 

blocking the API calls (i.e. commands) by the security monitor that are forbidden according to the security 
policy [col. 2 line 67, col. 3 lines 1-3]. 
Masaki teaches: 

if the degree of matching with the specified pattern is large (i.e. expose the object with a level of granularity 
finer than a pre-defined maximum), sends a print inhibition command to the printer driver to stop the 
transmission of the print data (i.e. does not pass a command) [col. 4 lines 1-5, col. 3 lines 9-13, Fig. 7]. 
Therefore, it would have been obvious to a person of ordinary skill in the art at the time the invention was 
made to combine Masaki with Krishnan, Golan and Granger, since one would have been motivated to 
provide the security [Masaki, col. 1 line 13]. 

As per claim 15 , the rejection of claim 14 is incorporated and Golan discloses: 
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allowing the API calls (i.e. commands) by the security monitor that are permitted according to the security 
policy [col. 3 lines 3-5]. 
Masaki teaches: 

the pattern detector does not detect a specified pattern (i.e. expose the object with a level of granularity 
coarser than the pre-defined maximum), sends a print permission command to the printer driver to start the 
transmission of the print data (i.e. passes a command) [col. 3 lines 1-7, Fig. 7]. 

As per claim 23 , the rejection of claim 21 is incorporated and it encompasses limitations that are similar to 
limitations of claim 14. Thus, it is rejected with the same rationale applied against claim 14 above. 
As per claim 24 , the rejection of claim 23 is incorporated and it encompasses limitations that are similar to 
limitations of claim 15. Thus, it is rejected with the same rationale applied against claim 15 above. 

4. Claim 25 is rejected under 35 U.S.C. 103(a) as being unpatentable over Krishnan et al (US Patent 
No. 6,405,316) and in view of Golan (US Patent No. 5,974,549) and in view of Granger et al (US Patent 
No. 6,643,775) and in view of Dutta et al (US Pub. No. 2002/0138727). 

As per claim 25 , the rejection of claim 18 is incorporated and Krishnan discloses the security agent and the 
object model [Fig. 1]. 
Dutta teaches: 

the loader instantiates the security agent (i.e. class public ServerClassM) separately from the object model 
(i.e. Class public ClientClassA or Class public ClientClassB) [Fig. 4A, paragraph 0047, 0048, 0050]. 
Therefore, it would have been obvious to a person of ordinary skill in the art at the time the invention was 
made to combine Dutta with Krishnan, Golan and Granger, since one would have been motivated to 
provide secure access control [Dutta, paragraph 0009 lines 4-5]. 
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5. Claims 34, 2-4, 9 are rejected under 35 U.S.C. 103(a) as being unpatentable over Krishnan et al 
(US Patent No. 6,405,316) and in view of Golan (US Patent No. 5,974,549) and in view of Liberman et al 
(US Pub. No. 2003/0028801). 
As per claim 34 , Krishnan teaches: 

a compiled executable file for persisting an object model having [Fig. 1]: an image source from which the 
persisted object model is instantiated in a memory of a computer [Fig. 1, col. 6 lines 25-35, col. 7 lines 1- 
10]; a security source from which a security agent is instantiated in the memory of the computer [Fig. 8A, 
8B col. 9 lines 55-56]; and a loader for being instantiated in the memory of the computer [Fig. 1, 8A, 8B, 
col. 3 lines 1-4]. Further, Krishnan teaches instantiating the security agent in the memory from the security 
source, and returning to the commander a first reference to the instantiated security agent, whereby the 
commander in employing the first reference accesses the security agent rather than the instantiated object 
model [Fig. 6, 8A, col. 8 lines 49-65]. 
Golan teaches: 

a security agent is instantiated in the memory of the computer; the security agent for controlling access to 
the object model as instantiated in the memory of the computer, upon a command from a commander to 
execute the executable file to instantiate the persisted object model, the loader for instantiating the object 
model in the memory from the image source, instantiating the security agent in the memory from the 
security source, and returning to the commander a first reference to the instantiated security agent, 
whereby the commander in employing the first reference accesses the security agent rather than the 
instantiated object model [Fig. 9, 14, col. 8 lines 29-67, col. 9 lines 1-10, Fig. 5, col. 11 lines 45-67, col. 12 
lines 1-13, col. 13 lines 5-67, col. 14 lines 1-40]; the loader upon instantiating the security agent provides 
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same with a second reference to the instantiated object model, whereby the commander does not have the 
second reference and therefore cannot directly access the object model or command same to act [Fig. 4, 
col. 7 lines 50-57, Fig. 10]. 

Therefore, it would have been obvious to a person of ordinary skill in the art at the time the invention was 
made to combine Golan with Krishnan, since one would have been motivated to prevent the security 
breaches by monitoring the execution of the software component to [Golan, col. 1 lines 13-28]. 
Liberman teaches: 

An input device that receives a command input from a user to display information from an object model via 
a software application having an application commander; a computer monitor that displays the requested 
information, wherein the requested information from the object model is provided by the security agent to 
the application commander if the request for information does not act to expose the object model in non- 
obfuscated form [paragraph 0006, 0009, 0029, 0030, Fig. 7, 8]. 

Therefore, it would have been obvious to a person of ordinary skill in the art at the time the invention was 
made to combine Liberman with Krishnan and Golan, since one would have been motivated to provide the 
protection of document/object model from unauthorized uses (e.g. copying/saving/printing/displaying) 
[Liberman, paragraph 0002]. 

As per claim 2 , the rejection of claim 34 is incorporated and Golan discloses: 

the executable file is compiled by a compiler from a C-type programming language object model document 
[col. 9 lines 56-67, col. 10 lines 1-18, Fig. 4]. 

As per claim 3 , the rejection of claim 34 is incorporated and Golan discloses: 
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the loader upon instantiating the security agent provides same with a second reference to the instantiated 
object model, whereby the commander does not have the second reference and therefore cannot directly 
access the object model or command same to act [Fig. 4, col. 7 lines 50-57, Fig. 10]. 
As per claim 4 , the rejection of claim 34 is incorporated and Golan discloses: 

the instantiated security agent passes on each command (i.e. API call) from the commander to the object 
model unless such security agent deems such command to be of a type that should not be so passed on 
[col. 2 lines 43-47, 67, col. 3 lines 1-3]. 

As per claim 9 , the rejection of claim 34 is incorporated and Krishnan discloses: 
the loader instantiates the security agent as part of the object model [Fig. 8A, 8B]. 

6. Claim 5 is rejected under 35 U.S.C. 103(a) as being unpatentable over Krishnan et al (US Patent 
No. 6,405,316) and in view of Golan (US Patent No. 5,974,549) and in view of Liberman et al (US Pub. No. 
2003/0028801) and in view of Seeman (US Pub. No. 2003/0200459). 

As per claim 5 , the rejection of claim 34 is incorporated and Golan discloses blocking the API calls (i.e. 
commands) that are forbidden according to the security policy [col. 2 line 67, col. 3 lines 1-3]. Golan 
doesn't expressively mention that a type of command that would expose the object model in a non- 
obfuscated form. 

Seeman teaches: the security agent does not pass on to the object model a type of command that would 
expose the object model in a non-obfuscated form (i.e. clear form or decrypted form) [paragraph 0022 lines 
13-16, paragraph 0165 lines 16-18 determines access/usage rights, if determines that the file may not be 
accessed, process monitor blocks further file reading i.e. does not perform the decryption process on the 
protected file/document]. 
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Therefore, it would have been obvious to a person of ordinary skill in the art at the time the invention was 
made to combine Seeman with Krishnan, Golan and Liberman, since one would have been motivated to 
protecting the digital documents/files [Seeman, paragraph 0019 lines 2-3]. 

7. Claims 6 and 7 are rejected under 35 U.S.C. 103(a) as being unpatentable over Krishnan et al (US 
Patent No. 6,405,316) and in view of Golan (US Patent No. 5,974,549) and in view of Liberman et al (US 
Pub. No. 2003/0028801) and Masaki et al (US Patent No. 6,980,308). 

As per claim 6 , the rejection of claim 34 is incorporated and Golan discloses: blocking the API calls (i.e. 
commands) by the security monitor that are forbidden according to the security policy [col. 2 line 67, col. 3 
lines 1-3]. 

Masaki teaches: if the degree of matching with the specified pattern is large (i.e. expose the object with a 
level of granularity finer than a pre-defined maximum), sends a print inhibition command to the printer 
driver to stop the transmission of the print data (i.e. does not pass a command) [col. 4 lines 1-5, col. 3 lines 
9-13, Fig. 7]. 

Therefore, it would have been obvious to a person of ordinary skill in the art at the time the invention was 
made to combine Masaki with Krishnan, Golan and Liberman, since one would have been motivated to 
provide the security [Masaki, col. 1 line 13]. 

As per claim 7 , the rejection of claim 34 is incorporated and Golan discloses: 

allowing the API calls (i.e. commands) by the security monitor that are permitted according to the security 
policy [col. 3 lines 3-5]. 
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the pattern detector does not detect a specified pattern (i.e. expose the object with a level of granularity 
coarser than the pre-defined maximum), sends a print permission command to the printer driver to start the 
transmission of the print data (i.e. passes a command) [col. 3 lines 1-7, Fig. 7]. 

8. Claim 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over Krishnan et al (US Patent 
No. 6,405,316) and in view of Golan (US Patent No. 5,974,549) and in view of Liberman et al (US Pub. No. 
2003/0028801) and in view of Dutta et al (US Pub. No. 2002/0138727). 

As per claim 8 , the rejection of claim 34 is incorporated and Krishnan discloses the security agent and the 
object model [Fig. 1]. 

Dutta teaches: the loader instantiates the security agent (i.e. class public ServerClassM) separately from 
the object model (i.e. Class public ClientClassA or Class public ClientClassB) [Fig. 4A, paragraph 0047, 
0048, 0050]. 

Therefore, it would have been obvious to a person of ordinary skill in the art at the time the invention was 
made to combine Dutta with Krishnan, Golan and Liberman, since one would have been motivated to 
provide secure access control [Dutta, paragraph 0009 lines 4-5]. 

Response to Amendment 

9. Applicant has amended claims 10, 18 and added new claim 34, which necessitated new ground of 
rejection. See rejection above. 
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Conclusion 

10. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. 
Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the 
extension of time policy as set forth in 37 CFR 1 .1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the 
mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this 
final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened 
statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, 
and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory 
action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the 
date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Nirav Patel whose telephone number is 571-272-5936. If attempts to reach the 
examiner by telephone are unsuccessful, the examiner's supervisor, Kim Vu can be reached on 571-272- 
3859. The fax and phone numbers for the organization where this application or proceeding is assigned is 
571-273-8300. Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is 571-272-2100. 

NBP 

4/18/08 

/KIMYEN VU/ 

Supervisory Patent Examiner, Art Unit 2135 



